Any creative solution to make it harder for hackers to copy your IdP login page?
Tom Scavo
trscavo at gmail.com
Mon Mar 26 17:17:54 EDT 2018
On Mon, Mar 26, 2018 at 4:00 PM, Wessel, Keith <kwessel at illinois.edu> wrote:
> An interesting suggestion, and I'll pass that along, but I somehow doubt it. If they aren't looking at the address bar, they probably won't look at the green address bar. But you never know. We have conditioned users to look for the padlock icon.
Right, there's probably an educational component to this no matter
what you do (including nothing).
My credit union discourages phishing by prompting for the username on
one page (www.example.com) and the password on another
(my.example.com). The password page is customized based on the
username. When I set up my CU account (years ago), I had to choose a
Security Phrase and a Security Picture. These always appear on my
custom password page.
Hope this helps,
Tom
More information about the users
mailing list